Documents obtained by former NSA contractor Edward Snowden and published on The Intercept show that NSA analysts monitored content on The Pirate Bay and used the agency’s surveillance systems to track where it came from. The documents also show that the NSA’s British partners at the GCHQ used XKeyscore data as part of a surveillance program on sites that included WikiLeaks. That was part of a broader psychological profiling and targeting program to collect intelligence, influence individuals online, and disrupt groups like Anonymous that were considered threats.

The new documents show that the GCHQ conducted "broad real-time monitoring of social media activities, processing data on activities like watching YouTube videos and Facebook Likes to profile, categorize, and target individuals for psychological operations." The NSA documents in the latest disclosure refer to monitoring for content that could be considered "malicious foreign activity." But it's clear that the NSA also used its XKeyscore surveillance to dig through traffic to the torrent-sharing site, and it could very well have profiled foreign users of sites like WikiLeaks and monitored their access to that and other websites.

However, the documents—one an internal NSA "frequently asked questions" Wiki page and the other a set of GCHQ slides on psychological operations—do not provide a picture of how much information about people accessing WikiLeaks was shared between the GCHQ and the NSA. And while the documents point to NSA monitoring of Pirate Bay, there's no suggestion of how the information gathered was used or if it was used at all.

A third, unpublished document shows that the Obama administration apparently encouraged foreign governments in 2010 (including the UK) to pursue charges against WikiLeaks for the publication of diplomatic “wires” provided by Chelsea Manning, formerly known as Bradley Manning.

“Squeaky Dolphin,” “Airwolf,” and “AnticrisisGirl”

The GCHQ slide deck, published in 2012, highlights two tools used to conduct social networking, Web monitoring, and profiling. The first, called "Squeaky Dolphin," pulls online activities within Web traffic caught by the agency's monitoring systems. The monitoring systems are called "Airwolf" in the slides, which may be a UK codeword for the GCHQ’s equivalent of XKeyscore. That data includes webmail, blogs visited, YouTube views, Facebook "likes" clicked on websites themselves, and other data culled from individual users’ captured activity.

It runs those activities, captured in real-time, through IBM’s InfoSphere Streams processing software to create analytical feeds. Those feeds are then piped into a Splunk database and surfaced through a "dashboard" view that allows analysts to find trends in sentiment. As an example, the slides showed activity related to cricket matches in London and the surge in Facebook likes for Conservative member of Parliament Liam Fox. It can also be used to spot trends in traffic that might indicate upcoming events such as protests or other civil unrest.

While Squeaky Dolphin tends to look at things with a wider view, "AnticrisisGirl" is a bit more targeted. It can be used to passively monitor specific websites—including traffic to WikiLeaks, as the slides demonstrate. The tool can be tuned to a specific set of Internet user signatures or keywords, and it provides analytics of their behavior in real time, capturing search terms or direct Web addresses used to get to the sites in question.

“Nothing to worry about”

The final document in the latest disclosure, from an NSA internal Wiki, is entitled “Discovery SIGINT Targeting Scenarios and Compliance." Created in 2011, it provides guidance on what is and isn’t allowed in performing XKeyscore queries and using other analytics tools to capture and analyze data. The document explains when it's allowed to query against US “selectors”—people or systems running within the United States.

One of the entries is entitled “Unknowingly targeting a US person”:

I screwed up…the selector had a strong indication of being foreign, but it turned out to be US…now what?

NOC/OGC RESPONSE: With all querying, if you discover it actually is US, then it must be submitted and go in the [Office of General Counsel] quarterly report…’but it’s nothing to worry about.’ (Source #001)

Several of the entries on the Wiki page relate to monitoring of PirateBay. One question posted asked whether it was OK to back-trace connections to thepiratebay.org "even if it hops through US based proxies." The NSA’s Office of General Counsel responded that it was allowed only by use of metadata "chaining" in compliance with the Department of Defense’s Supplemental Procedures Governing Communications Metadata Analysis” (SPCMA). That order requires that analysts "enter a foreign intelligence (FI) justification for making a query or starting a chain"—in other words, analysts can’t just start a query of a post on The Pirate Bay without documenting their cause.

Another question posted about The Pirate Bay asked if a password for an account associated with a US person was enough to rule out tracking the source. “If a list of .mil passwords were released to thepiratebay.org…can we go back into [XKeyscore data] (using a custom created fingerprint) to search for traffic containing that password in foreign traffic just before the release?” The official response was that while a password alone would not normally be considered to a "US person," searching for the password data for military accounts would be allowed due to the NSA’s support role for the Defense Department. Such actions would be "consistent with the SIGINT Consensual Collection package signed by [the commander of] USCYBERCOM and [director of the NSA], appropriate to both of his hats"—referring to Gen. Keith Alexander’s dual role as head of both DOD’s cyber operations and the NSA.

Ironically, the NSA's privacy regulations do keep it from collecting one type of data—private information published by hackers. In a response to a question on whether it was legal to store data exposed by Anonymous or other groups for forensic purposes, the NSA general counsel said it was only legal to retain ".mil information." It wasn't clear whether it was legal to retain data from other government agencies.

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

Granted, but that doesn't mean we shouldn't try to maintain/restore a society and government that respects the privacy of all citizens. My snail-mail isn't encrypted, but there are laws that can be used to punish someone who goes snooping to see what it contains. We don't have digital equivalents in most areas yet, and we should work towards that end.

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

agree. but any time the gov't says they need to spy on us, the first response should be "You first" before we track our citizens', we should track our politicians'. before we read our citizens' mail, we should read our politicians'.

If you are caught spying on your neighbors you become an instant pariah in the neighborhood. People call you names, none of them gentle.

If you are a NSA employee and are caught spying on unsuspecting citizens Congress raises in unison to commend you on your service to the country.

At which point does a perv become a patriot ?

When it is ostensibly done in the name of protecting people from the "insidious" enemy of the day, whether that be communists, terrorists, Eastasia or Eurasia. Manipulating humans via fear of the "other" is almost stupidly easy to do (see the American two-party system for a very effective example).

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

agree. but any time the gov't says they need to spy on us, the first response should be "You first" before we track our citizens', we should track our politicians'. before we read our citizens' mail, we should read our politicians'.

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

Granted, but that doesn't mean we shouldn't try to maintain/restore a society and government that respects the privacy of all citizens. My snail-mail isn't encrypted, but there are laws that can be used to punish someone who goes snooping to see what it contains. We don't have digital equivalents in most areas yet, and we should work towards that end.

While they may not open your mail most of the time, they do scan every piece of mail that goes through their systems making sure to track who it's going to and who it's coming from. And, if they have some pretense that you might be sending something illegal (like they suspect you have some illicit material in it), they can open it and reseal it for "safety". While most of the time you are pretty safe to send it through mail, they can still open it and not get in trouble if they REALLY wanted to.

Contrary to your headline, the docs *do* reveal discussion of whether or not such surveillance of those sites would be appropriate and legal, and under what circumstances, but do *not* appear to indicate (one way or another) that such surveillance was ever actually done. They only show the procedural question/answer process -- and it's actually reassuring to see that such a process at least existed and was being used (wanna bet on similar process in Russia, China, etc.?)

The new documents show that the GCHQ conducted "broad real-time monitoring of social media activities, processing data on activities like watching YouTube videos and Facebook Likes to profile, categorize, and target individuals for psychological operations."

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

Surveillance society is a natural evolution for tyrants and political criminals who wish total control over the masses to keep their power unquestioned and unchanged, so they can abuse others unpunished.

We gotta solve that with crypto, the entire internet must be encrypted in a way that can't be easily broken.

I'll never tire of reading and commenting about how and plumbed all our intertubes but it does feel like we have reached the point of diminishing returns on all of the NSA's SIGINT reporting. At some point you just have to assume that the NSA has pawned all our comms and behave accordingly.

But I hope we get more information on how all this big data is in turn being used in OPS to control and manipulate individuals and foreign and domestic populations. Where are the stories about parallel construction, honeypots, entrapment, culture jamming, and what-not? It is annoying for the populace to see how much time, effort, and money is wasted in surveilling everyone, but it will turn into outrage when people see how the surveillance is used to influence and jail them.

People who think differently from the people in power are seen as a threat to those people in power. And when the power is brought to bear, things get scary.

On the other hand, the surveillance society is a natural evolution of mass adoption of information technology. One should assume all unencrypted (and perhaps even some encrypted) data may be intercepted at any time, by any one (government or other third party).

That is like saying the rape society is a natural evolution of a modern society. One should assume you could be raped by any one (government or other third party).

Just because something is possible doesn't mean we should accept it, or that it should be legal!

'["AnticrisisGirl"] can be tuned to a specific set of Internet user signatures or keywords, and it provides analytics of their behavior in real time, capturing search terms or direct Web addresses used to get to the sites in question.'

Not yet revealed: The comment sections on Ars articles about NSA leaks are similarly scrutenized...

'["AnticrisisGirl"] can be tuned to a specific set of Internet user signatures or keywords, and it provides analytics of their behavior in real time, capturing search terms or direct Web addresses used to get to the sites in question.'

Not yet revealed: The comment sections on Ars articles about NSA leaks are similarly scrutenized...

This place is crawling with paid shills to defend the abuse. There is no single article which doesn't have people voting down the critics of the abuse and there is no serious criticism that goes unanswered.

'["AnticrisisGirl"] can be tuned to a specific set of Internet user signatures or keywords, and it provides analytics of their behavior in real time, capturing search terms or direct Web addresses used to get to the sites in question.'

Not yet revealed: The comment sections on Ars articles about NSA leaks are similarly scrutenized...

This place is crawling with paid shills to defend the abuse. There is no single article which doesn't have people voting down the critics of the abuse and there is no serious criticism that goes unanswered.

This place is also crawling with people who label other paid shills without any evidence. Or are we all expected to have the same beliefs and outlooks on life and society?

To those saying this leak isn't news, the reason it is is that it shows that governments will use their spy apparatuses to go after people who are not legitimate surveillance targets.

We're saying it isn't news, because the word implies that it's something we didn't already know (or at least expect). Now if they had documents showing that they DIDN'T spy on those people that would be news, and my head would probably explode.As far as legitimacy goes, WikiLeaks and Pirate Bay are both foreign entities from the perspectiive of the NSA and GCHQ so they technically fall into their presumed scope - regardless of what we think of that scope. Of course that's totally a coincidence, because we all already know that they don't give a rat fart about whether somebody falls in that scope, which takes us back to the first paragraph.

I bet the RIAA would love it if they got to point all this apparatus at TPB.

I assume, though, that if I download an mp3 and do not listen to it, then I have not pirated anything?

(Like how the NSA claims they collect but have not surveiled until they look at content.)

If you have read the article, you know it is already pointed at TPB.

Most certainly the RIAA is aware of it and loves it.

The article didn't mention the RIAA or any resulting lawsuits against pirates. I read the longer-form version of the story last night and TPB sounded mostly experimental, not being used to erm.. fight terror at full capacity yet.

Your headline says users of Wikileaks were "watched" and "spied on", while Greenwald's article says of the Piwik-generated general website analytics:

Quote:

It is unclear from the PowerPoint presentation whether GCHQ monitored the WikiLeaks site as part of a pilot program designed to demonstrate its capability, using only a small set of covertly collected data, or whether the agency continues to actively deploy its surveillance system to monitor visitors to WikiLeaks.

"It can also be used to spot trends in traffic that might indicate upcoming events such as protests or other civil unrest."

This is what I, and many of the techies I know in the US, really think is going on with the NSA and the government, not rooting out terrorists. Since when is protest or even civil unrest, a threat to national security?

In spite of being drafted to serve during the Vietnam War, like most veterans, I served to the best of my ability. I also protested the War relentlessly after my discharge. Again like many who served, I disagreed not just with the US goals (real, not PR jingoism), but the way that politicians and bureaucrats had taken over the War, leading to the deaths of hundreds of my fellow servicemen. I wanted them home, so I protested and marched and carried signs.

Strange, while I was in uniform and before I was deployed overseas, I was tagged as a security augmentee and trained in crowd control, in preparation of threatened marches to be led by Ms. Fonda to the installation where I was stationed. Much of that training involved role playing where fellow forces posed as civilians and attempted to shock us, by screaming, swearing and cursing at us.

So I value the duty that US citizens, and humans everywhere, feel they have to protest for the betterment of the human condition and to counter abuse of power by government and civil/military authority. It disturbs me that the US government now considers civilian protest anything remotely resembling or connected to terrorist activity.

So you don't find it incredibly, astonishingly chilling that they kept identity information about everyone who simply visited the Wikileaks web site? IMO it's pretty easy to spin this as the government keeping track of those who might have sympathies against it. Can you think of any examples of where that's worked out badly for innocent citizens? To me, this is exactly what comes to mind when people say there are no demonstrated abuses of NSA surveillance data. I can just picture Richard Nixon asking for a list of those who visited certain web sites, and then figuring out ways to use the IRS and other government agencies against them. To me, minimizing the risk of something like this is like saying there's no reason for Iran not to have a nuclear weapon. After all, they've never used one against anybody, right?